In-Reply-To: : 44457936.4090207@emmanuelcomputerconsulting.com

On Tue, 18 Apr 2006 19:41:42 -0400, William Warren hescominsoon@emmanuelcomputerconsulting.com wrote:

I installed SeLinux in warn mode. HOw do i check to see what it is wanring about? This wil help me in make a decision to turn it to active mode..:)

Try this:

$ audit2allow --help audit2allow [-d] [-v] [-l] [-i <inputfile> ] [-o <outputfile>] -d read input from output of /bin/dmesg -v verbose output -l read input only after last "load_policy" -i read input from <inputfile> -o append output to <outputfile>

$ audit2allow -v -1 /var/log/messages

This will not only tell you what SELinux is complaining about, it will give you the basic information needed to configure your local policy file in:

/etc/selinux/targeted/src/policy/domains/misc/local.te

To implement policy changes, edit the local.te file as indicated by audit2allow and rebuild your SELinux policy files with:

$ /etc/selinux/targeted/src/policy/make reload

Be advised however that audit2allow may suggest policy alterations that are broader than strictly necessary. It is probably worth your while to post your contemplated policy changes here and get some informed opinions about whether they actually should be more restrictive.

To do any of this you need to first install the selinux-policy-targeted rpm.

Regards, Jim